"Quote from: robert.haugen@gmail.com on December 14, 2025, 12:36:24 PMThreats from abuse.ch / URLhaus not generating alertsThank you for sharing! Great!
Threat intelligence feeds from abuse.ch / URLhaus are not generating alerts.
I have enabled abuse.ch / URLhaus and configured all associated rules to generate alerts.
Example:
SID: 81873344
URL: https://urlhaus.abuse.ch/url/1010244/
Test performed:
curl https://pastebin.com/raw/beW39LtA --output bull.shit
This activity does not generate any alert in Suricata.
curl http://testmyids.com Works Ok.
However, Microsoft Defender on my PC does generate an alert for the same test.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Intrusion Detection and Prevention / Re: Threats from abuse.ch / URLhaus not generating alerts
February 11, 2026, 09:48:39 AMPages1
